def get_user_token_using_refresh_token(username, refresh_token): try: resp = CLIENT.admin_initiate_auth( UserPoolId=settings.USER_POOL_ID, ClientId=settings.CLIENT_ID, AuthFlow='REFRESH_TOKEN_AUTH', AuthParameters={ 'REFRESH_TOKEN': refresh_token, 'SECRET_HASH': get_secret_hash(username) } ) except CLIENT.exceptions.NotAuthorizedException: return False, "Incorrect username or password" except CLIENT.exceptions.UserNotFoundException: return False, "Username does not exists" except Exception as e: return False, str(e) if 'AuthenticationResult' in resp: token = { 'access': resp['AuthenticationResult']['IdToken'], 'token': resp['AuthenticationResult']['AccessToken'], 'refresh': refresh_token } return True, token return True, resp
def get_user_token(username, password): username = username.lower() username = username.strip() try: resp = CLIENT.admin_initiate_auth( UserPoolId=settings.USER_POOL_ID, ClientId=settings.CLIENT_ID, AuthFlow='ADMIN_NO_SRP_AUTH', AuthParameters={ 'USERNAME': username, 'SECRET_HASH': get_secret_hash(username), 'PASSWORD': password }, ClientMetadata={ 'username': username, 'password': password }) except CLIENT.exceptions.NotAuthorizedException: raise NotAuthenticated("The username or password is incorrect.") except CLIENT.exceptions.UserNotConfirmedException: raise NotAuthenticated("User is not confirmed.") except Exception as e: raise NotAuthenticated(str(e)) if 'AuthenticationResult' in resp: resp = { 'access': resp['AuthenticationResult']['IdToken'], 'refresh': resp['AuthenticationResult']['RefreshToken'], 'token': resp['AuthenticationResult']['AccessToken'] } return resp
def force_reset_password(username, new_password, session, challengename='NEW_PASSWORD_REQUIRED'): username = username.lower() username = username.strip() try: res_change_password = CLIENT.admin_respond_to_auth_challenge( UserPoolId=settings.USER_POOL_ID, ClientId=settings.CLIENT_ID, ChallengeName=challengename, ChallengeResponses={ 'USERNAME':username, 'NEW_PASSWORD':new_password, 'SECRET_HASH':get_secret_hash(username) }, Session=session ) except CLIENT.exceptions.NotAuthorizedException: raise NotAuthenticated('Invalid session for the user.') except CLIENT.exceptions.CodeMismatchException: raise NotAuthenticated('Invalid session for the user, code mismatch.') except Exception as e: raise NotAuthenticated(str(e)) token = { 'access': res_change_password['AuthenticationResult']['IdToken'], 'refresh': res_change_password['AuthenticationResult']['RefreshToken'], 'token': res_change_password['AuthenticationResult']['AccessToken'] } return token
def remove_user_from_group(user_details, group_name): try: response = CLIENT.admin_remove_user_from_group( UserPoolId=settings.USER_POOL_ID, Username=user_details['Username'], GroupName=group_name) except Exception as e: return False, "Exception in remove_user_from_group {}".format(str(e)) return True, response
def create_group(group_name): try: resp = CLIENT.create_group(GroupName=group_name, UserPoolId=settings.USER_POOL_ID) except Exception as e: raise APIException.ParseError( "Exception in create_group {}".format(str(e)), status.HTTP_400_BAD_REQUEST) return resp
def add_new_test_student(username, firstname, lastname, password): attributes = [{ "Name": "email_verified", "Value": "true" }, { "Name": "custom:student_type", "Value": '' }, { "Name": "custom:UserType", "Value": "Student" }, { "Name": "custom:user_portal", "Value": "GPS" }, { "Name": "custom:college_name", "Value": str([]) }, { "Name": "custom:institution_uuid", "Value": str([]) }, { "Name": "given_name", "Value": firstname }, { "Name": "family_name", "Value": lastname }, { "Name": "email", "Value": username }, { "Name": "custom:logo", "Value": '' }] new_user = CLIENT.admin_create_user(Username=username, UserPoolId=USER_POOL_ID, UserAttributes=attributes, MessageAction="SUPPRESS") response = CLIENT.admin_set_user_password(UserPoolId=USER_POOL_ID, Username=username, Password=password, Permanent=True)
def add_user_to_group(user_details, group_name): try: response = CLIENT.admin_add_user_to_group( UserPoolId=settings.USER_POOL_ID, Username=user_details['Username'], GroupName=group_name) except Exception as e: log.error("Exception in add_user_to_group {}".format(str(e))) raise APIException.ParseError( "Exception in add_user_to_group {}".format(str(e)), status.HTTP_400_BAD_REQUEST) return response
def check_if_group_exists(group_name_stripped): try: group = CLIENT.get_group(GroupName=group_name_stripped, UserPoolId=settings.USER_POOL_ID) except CLIENT.exceptions.ResourceNotFoundException as e: log.error("Group doesnt exists %s" % str(e)) group = create_group(group_name_stripped) except Exception as e: log.error("Error while checking from group %s" % str(e)) raise APIException.ParseError( "Exception in check_if_group_exists {}".format(str(e)), status.HTTP_400_BAD_REQUEST) return group
def add_user(username, attributes): username = username.lower() username = username.strip() try: new_user = CLIENT.admin_create_user(Username=username, UserPoolId=settings.USER_POOL_ID, UserAttributes=attributes, DesiredDeliveryMediums=["EMAIL"]) except CLIENT.exceptions.UsernameExistsException as e: log.error("Email already exists %s" % str(e)) raise APIException("Email already exists", status.HTTP_409_CONFLICT) except Exception as e: log.error("Error while user registeration %s" % str(e)) raise APIException("Error: {}".format(str(e)), status.HTTP_400_BAD_REQUEST) user_details = new_user['User'] return user_details
def add_new_test_student(username, firstname, lastname, password): payload = { "first_name": firstname, "last_name": lastname, "email": username, "agree": True, "instance": "", "institute_logo": "" } print(payload) headers = {} headers["Content-Type"] = "application/json" headers["Accept"] = "application/json" newuser = requests.post("https://gps-v2.goeducate.com/pt/api/v2/signup", json=payload, headers=headers) # print(newuser.text) print(newuser.status_code) #:print(newuser.text) response = CLIENT.admin_set_user_password(UserPoolId=USER_POOL_ID, Username=username, Password=password, Permanent=True)